package czy.demo.config.security;

import org.springframework.beans.BeanUtils;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class DefaultUsernamePasswordAuthenticationFilter extends UsernamePasswordAuthenticationFilter {

    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
        UsernamePasswordAuthenticationToken token = (UsernamePasswordAuthenticationToken)super.attemptAuthentication(request, response);
        DefaultUsernamePasswordAuthenticationToken defaultToken = new DefaultUsernamePasswordAuthenticationToken(token.getPrincipal(),token.getCredentials(),token.getAuthorities());

        DefaultWebAuthenticationDetails defaultDetails = new DefaultWebAuthenticationDetails();
        BeanUtils.copyProperties(token.getDetails(),defaultDetails);
        defaultDetails.setSessionId(request.getSession().getId());
        defaultToken.setDetails(defaultDetails);
        return defaultToken;
    }

}
